Michał "rysiek" Woźniak · 🇺🇦Aug 26, 2024

#Telegram and #Durov are once again in the media, so I translated my May piece about the service to English:

Telegram is neither "secure" nor "encrypted"
https://rys.io/en/171.html

Calling Telegram "secure" or "encrypted" is misleading, and is journalistic malpractice.

Telegram itself seems to mislead about it on purpose.

Telegram's encryption protocol is suspicious and transmits cleartext device identifiers with every message.

They have been called out for it many times, and refuse to change.

Telegram is neither "secure" nor "encrypted"

Telegram is a popular – especially in the East – internet messenger. It bills itself as “encrypted”, “private”, and “secure”. One of its creators (and the CEO of the company that operates the service)

Songs on the Security of Networks
Show threadsssAug 27, 2024
@rysiek also, long time ago Russian crypto researchers discovered what dh params for e2e in telegram generated on server-side, but i do not know if it's fixed yet or not...
Show threadMichał "rysiek" Woźniak · 🇺🇦Aug 27, 2024
@sss link?
Show threadsssAug 27, 2024
@rysiek as i am not a fan of telegram, i not looked deep into this topic, but it was mentioned here : https://www.youtube.com/watch?v=5tW5qDQJqqo
Сергей Матвеев «Выбор программного обеспечения защищающего приватность»

YouTube
Show threadMichał "rysiek" Woźniak · 🇺🇦
@sss thanks!
Aug 27, 2024 at 12:50amWeb